summaryrefslogtreecommitdiffstats
path: root/security/commoncap.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2017-09-121-21/+256
|\
| * Introduce v3 namespaced file capabilitiesSerge E. Hallyn2017-09-011-19/+251
| * security: Use user_namespace::level to avoid redundant iterations in cap_capa...Kirill Tkhai2017-07-201-2/+5
* | commoncap: Move cap_elevated calculation into bprm_set_credsKees Cook2017-08-011-42/+10
* | commoncap: Refactor to remove bprm_secureexec hookKees Cook2017-08-011-4/+8
|/
* security: mark LSM hooks as __ro_after_initJames Morris2017-03-061-1/+1
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2017-02-241-2/+3
|\
| * exec: Remove LSM_UNSAFE_PTRACE_CAPEric W. Biederman2017-01-241-1/+1
| * exec: Test the ptracer's saved cred to see if the tracee can gain capsEric W. Biederman2017-01-241-1/+2
| * exec: Don't reset euid and egid when the tracee has CAP_SETUIDEric W. Biederman2017-01-241-1/+1
* | LSM: Add /sys/kernel/security/lsmCasey Schaufler2017-01-191-1/+2
|/
* xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher2016-10-081-15/+10
* fs: Treat foreign mounts as nosuidAndy Lutomirski2016-06-241-1/+7
* fs: Limit file caps to the user namespace of the super blockSeth Forshee2016-06-241-0/+2
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds2016-05-171-3/+3
|\
| * ->getxattr(): pass dentry and inode as separate argumentsAl Viro2016-04-111-3/+3
* | security: Introduce security_settime64()Baolin Wang2016-04-221-1/+1
|/
* ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn2016-01-211-1/+6
* capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski2015-09-051-1/+2
* capabilities: ambient capabilitiesAndy Lutomirski2015-09-051-10/+92
* LSM: Switch to lists of hooksCasey Schaufler2015-05-121-8/+33
* VFS: security/: d_backing_inode() annotationsDavid Howells2015-04-151-3/+3
* file->f_path.dentry is pinned down for as long as the file is open...Al Viro2015-01-261-5/+1
* kill f_dentry usesAl Viro2014-11-191-1/+1
* CAPABILITIES: remove undefined caps from all processesEric Paris2014-07-241-0/+3
* commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa2014-07-241-42/+30
* capabilities: allow nice if we are privilegedSerge Hallyn2013-08-311-4/+4
* userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman2013-08-311-1/+1
* kill f_vfsmntAl Viro2013-02-261-1/+1
* Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman2012-12-141-8/+17
* split ->file_mmap() into ->mmap_addr()/->mmap_file()Al Viro2012-05-311-18/+3
* split cap_mmap_addr() out of cap_file_mmap()Al Viro2012-05-311-9/+23
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2012-05-241-25/+36
|\
| * userns: Convert capabilities related permsion checksEric W. Biederman2012-05-031-15/+26
| * userns: Store uid and gid values in struct cred with kuid_t and kgid_t typesEric W. Biederman2012-05-031-2/+1
| * userns: Simplify the user_namespace by making userns->creator a kuid.Eric W. Biederman2012-04-261-2/+3
| * userns: Add an explicit reference to the parent user namespaceEric W. Biederman2012-04-081-1/+1
| * userns: Use cred->user_ns instead of cred->user->user_nsEric W. Biederman2012-04-081-7/+7
* | Merge tag 'v3.4-rc5' into nextJames Morris2012-05-041-0/+6
|\ \
| * | security: fix compile error in commoncap.cJonghwan Choi2012-04-191-0/+1
| * | fcaps: clear the same personality flags as suid when fcaps are usedEric Paris2012-04-181-0/+5
| |/
* / Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privsAndy Lutomirski2012-04-141-2/+5
|/
* security: trim security.hAl Viro2012-02-141-0/+1
* Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds2012-01-151-17/+7
|\
| * security: remove the security_netlink_recv hook as it is equivalent to capable()Eric Paris2012-01-061-8/+0
| * capabilities: remove the task from capable LSM hook entirelyEric Paris2012-01-061-9/+7
* | capabilities: initialize has_capSerge Hallyn2011-08-161-1/+1
* | capabilities: do not grant full privs for setuid w/ file caps + no effective ...Zhi Li2011-08-121-6/+10
|/
* capabilities: do not special case exec of initEric Paris2011-04-041-9/+4
* userns: allow ptrace from non-init user namespacesSerge E. Hallyn2011-03-241-8/+32